Confessions of a Professional Cyber Stalker

Today I had an interesting conversation with Ken Westin. Ken is commonly referred to as ‘The Good Hacker’ and has spent the past 15 years working with law enforcement and research teams to analyze current and emerging threats to determine how our everyday products and gadgets can mitigate these threats.

Ken is regularly consulted as a subject matter expert in the area of security, privacy and surveillance technologies.

In our industry, people do a lot of talking about how they want to stop cyber security threats and about developing technologies they hope will stop them, but rarely do you come in contact with people who can demonstrate a track record of success thwarting and mitigating threats and bringing people to justice.

What you will learn from this interview:

The secret lives of applications that live on our phones. What information are these apps gathering that we’re not aware of and where exactly is that information going? How can this information be used against us and why are these data harvesting protocols not mentioned in the privacy policy or terms and conditions of many apps?

Black Hat tools and where to find them to see what your adversary sees about YOU!

Questions that boards should ask about what information they are tracking about customers

The importance of education and security

Efficacy and relevance of Cyber Liability Insurance

The Cybersecurity elephant in the room: companies tracking and selling our private information

How Ken got started in the technology world and different technology he developed to aid in theft recovery

Empowering people with technology. Criminals take the fun out of technology, dealing with hackers in particular. Ransomware – impact on business. Consumers are now able to defend themselves in a hostile environment

Being knowledgeable about what is possible and raising people’s awareness makes a difference.

One of the biggest threats right now is marketing departments that develop spyware and gather information through apps and ad libraries. A lot of information is being harvested from our phones.

If you’re not paying for the product, you are the product

Hackers are not the ones that collected the information from people. So how can we secure the information? We need to ask ourselves: what information do we need to collect in order to do business? Companies are collecting information with impunity. If you are collecting that information, you need to be responsible for what you do with it.

Passive reconnaissance – it’s amazing how much information you can gather this way without touching the network. You can scan a network for vulnerabilities without touching it. Just through DNS records, he could map infrastructure and IP ranges, and harvest information through LinkedIn. From there, he could identify the technologies he would run into when inside the network.

The hackers involved in the Target breach did their homework: they could identify who Target’s business partners were and send phishing emails.

In security, we like to learn; that’s why we’re good at what we do, and I think everyone in the business needs to take that on. Ignorance is no longer an excuse, especially on the business side.

We’re seeing a lot more boards care about security, investors and startups caring about security

Boards asking about cyber liability insurance

With cyber liability insurance, there isn’t a lot of data, a lot of it is guessing, and with that, a lot of exclusions get included in these policies, and now with the breaches

With the recent breaches we’ve seen, between Target and Sony, they’re seeing that the cost of a data breach is higher than originally thought when you start to think about lawsuits and identity theft insurance. Insurance companies are starting to put a cap on how much they’re liable for.

Need to secure your infrastructure before you get your cyber liability insurance

Data Analytics – Security Analytics is key. Being able to correlate the data is the challenge to identify the real threat to the environment.

Starting to see more correlation between vendors, more open source for threat intelligence

Vendors are bringing in data scientists to work with the data they collect, making it easier for clients to identify anomalies and deal with the signal-to-noise ratio.

How does Ken see the space maturing to a point which is meaningful to a small to medium business? Tools such as OpenDNS take complexity away from the businesses, while still letting them leverage big data and threat intelligence. Larger businesses will have to have their own teams and make sure to identify what’s happening in their own network.

STIX/TAXII integration – more and more vendors will start to use this and businesses need to ask their vendors if they are compliant with STIX and TAXII

Soltra and FS-ISAC carry a lot of industry clout. Mitigate threats and share information. (46:36)

The devil’s in the data. It comes down to being able to make sense of the data. There is data there telling you a story; it’s just a matter of you finding it. Harvest the data.

As an IT guy, this podcast is a treasure to me. Every individual episode discusses new security options. Nice source for IT people!

— MattB4SBB from Australia, iTunes
